Application streaming provides the ability for an endpoint (e.g., a client computer) to run an application locally that is stored remotely, for example on a server. The server transmits specific portions of the application (e.g., code pages) to the endpoint, as the endpoint needs them. Application streaming offers a number of advantages over running the application on the server. Streaming the application allows the application to execute locally on the endpoint, instead of remotely on the server. This eliminates the need for large farms of servers to provide applications to a plurality of client computers. Application response time to the user is also significantly faster when the application is run locally on the endpoint, as opposed to remotely on the server. Commercial application streaming technology exists today.
A network file system is a computer file system that supports sharing of resources such as files, printers and/or persistent storage over a computer network. Network file systems such as Andrew File System (AFS), NetWare Core Protocol (NCP), and Server Message Block (SMB, also known as Common Internet File System (CIFS)) exist today. Network file systems can share files, including executable files, between servers and endpoints.
Block-oriented application streaming technology and some network file systems stream only those blocks of an application that are required for execution of the features being used on the endpoint. In most cases, only a portion of the entire file is transferred to the client. This allows the desired features to be executed without the overhead of having to transfer the entire file to the client, but can cause problems for client side security systems.
More specifically, in some cases security systems verify a digital signature on an executable file before allowing it to run. This security check can be used to ensure that the file is from a trusted source, and/or has not been infected with malicious code or otherwise compromised. However, digital signature verification requires the entire file to be present. Thus, when only a portion of an executable file is present, the digital signature of the file cannot be verified and hence the executable cannot be run under such streaming technologies without first transferring the entire file to the client. Transferring the entire file eliminates the efficiency gain that can be provided by the streaming service.
It would be desirable to eliminate these shortcomings.